public void Initialize(string applicationName, SqlConnectionHolder holder, SqlMembershipProvider sqlMembershipProvider, int commandTimeout)
 {
     CommandTimeout = commandTimeout;
     Holder = holder;
     Provider = sqlMembershipProvider;
     ApplicationName = applicationName;
 }
 /// <devdoc>
 /// </devdoc>
 internal static SqlConnectionHolder GetConnection(string connectionString, bool revertImpersonation)
 {
     var holder = new SqlConnectionHolder(connectionString);
     var closeConn = true;
     try
     {
         holder.Open(revertImpersonation);
         closeConn = false;
     }
     finally
     {
         if (closeConn)
         {
             holder.Close();
             holder = null;
         }
     }
     return holder;
 }
Exemple #3
0
        protected override void SavePersonalizationBlob(WebPartManager webPartManager, string path, string userName, byte[] dataBlob)
        {
            SqlConnectionHolder connectionHolder = null;
            SqlConnection       connection       = null;

            try
            {
                try
                {
                    connectionHolder = this.GetConnectionHolder();
                    connection       = connectionHolder.Connection;
                    this.CheckSchemaVersion(connection);
                    this.SavePersonalizationState(connection, path, userName, dataBlob);
                }
                catch (SqlException exception)
                {
                    if ((userName == null) || (((exception.Number != 0xa43) && (exception.Number != 0xa29)) && (exception.Number != 0x9d0)))
                    {
                        throw;
                    }
                    this.SavePersonalizationState(connection, path, userName, dataBlob);
                }
                finally
                {
                    if (connectionHolder != null)
                    {
                        connectionHolder.Close();
                        connectionHolder = null;
                    }
                }
            }
            catch
            {
                throw;
            }
        }
Exemple #4
0
        private PersonalizationStateInfoCollection FindSharedState(string path,
                                                                   int pageIndex,
                                                                   int pageSize,
                                                                   out int totalRecords)
        {
            SqlConnectionHolder connectionHolder = null;
            SqlConnection       connection       = null;
            SqlDataReader       reader           = null;

            totalRecords = 0;

            // Extra try-catch block to prevent elevation of privilege attack via exception filter
            try {
                try {
                    connectionHolder = GetConnectionHolder();
                    connection       = connectionHolder.Connection;
                    Debug.Assert(connection != null);

                    CheckSchemaVersion(connection);

                    SqlCommand command = new SqlCommand("dbo.aspnet_PersonalizationAdministration_FindState", connection);
                    SetCommandTypeAndTimeout(command);
                    SqlParameterCollection parameters = command.Parameters;

                    SqlParameter parameter = parameters.Add(new SqlParameter("AllUsersScope", SqlDbType.Bit));
                    parameter.Value = true;

                    parameters.AddWithValue("ApplicationName", ApplicationName);
                    parameters.AddWithValue("PageIndex", pageIndex);
                    parameters.AddWithValue("PageSize", pageSize);

                    SqlParameter returnValue = new SqlParameter("@ReturnValue", SqlDbType.Int);
                    returnValue.Direction = ParameterDirection.ReturnValue;
                    parameters.Add(returnValue);

                    parameter = parameters.Add("Path", SqlDbType.NVarChar);
                    if (path != null)
                    {
                        parameter.Value = path;
                    }

                    parameter = parameters.Add("UserName", SqlDbType.NVarChar);
                    parameter = parameters.Add("InactiveSinceDate", SqlDbType.DateTime);

                    reader = command.ExecuteReader(CommandBehavior.SequentialAccess);
                    PersonalizationStateInfoCollection sharedStateInfoCollection = new PersonalizationStateInfoCollection();

                    if (reader != null)
                    {
                        if (reader.HasRows)
                        {
                            while (reader.Read())
                            {
                                string returnedPath = reader.GetString(0);

                                // Data can be null if there is no data associated with the path
                                DateTime lastUpdatedDate = (reader.IsDBNull(1)) ? DateTime.MinValue :
                                                           DateTime.SpecifyKind(reader.GetDateTime(1), DateTimeKind.Utc);
                                int size         = (reader.IsDBNull(2)) ? 0 : reader.GetInt32(2);
                                int userDataSize = (reader.IsDBNull(3)) ? 0 : reader.GetInt32(3);
                                int userCount    = (reader.IsDBNull(4)) ? 0 : reader.GetInt32(4);
                                sharedStateInfoCollection.Add(new SharedPersonalizationStateInfo(
                                                                  returnedPath, lastUpdatedDate, size, userDataSize, userCount));
                            }
                        }

                        // The reader needs to be closed so return value can be accessed
                        // See MSDN doc for SqlParameter.Direction for details.
                        reader.Close();
                        reader = null;
                    }

                    // Set the total count at the end after all operations pass
                    if (returnValue.Value != null && returnValue.Value is int)
                    {
                        totalRecords = (int)returnValue.Value;
                    }

                    return(sharedStateInfoCollection);
                }
                finally {
                    if (reader != null)
                    {
                        reader.Close();
                    }

                    if (connectionHolder != null)
                    {
                        connectionHolder.Close();
                        connectionHolder = null;
                    }
                }
            }
            catch {
                throw;
            }
        }
Exemple #5
0
        private int GetCountOfUserState(string path, DateTime inactiveSinceDate, string username)
        {
            SqlConnectionHolder connectionHolder = null;
            SqlConnection       connection       = null;
            int count = 0;

            // Extra try-catch block to prevent elevation of privilege attack via exception filter
            try {
                try {
                    connectionHolder = GetConnectionHolder();
                    connection       = connectionHolder.Connection;
                    Debug.Assert(connection != null);

                    CheckSchemaVersion(connection);

                    SqlCommand command = new SqlCommand("dbo.aspnet_PersonalizationAdministration_GetCountOfState", connection);
                    SetCommandTypeAndTimeout(command);
                    SqlParameterCollection parameters = command.Parameters;

                    SqlParameter parameter = parameters.Add(new SqlParameter("Count", SqlDbType.Int));
                    parameter.Direction = ParameterDirection.Output;

                    parameter       = parameters.Add(new SqlParameter("AllUsersScope", SqlDbType.Bit));
                    parameter.Value = false;

                    parameters.AddWithValue("ApplicationName", ApplicationName);

                    parameter = parameters.Add("Path", SqlDbType.NVarChar);
                    if (path != null)
                    {
                        parameter.Value = path;
                    }

                    parameter = parameters.Add("UserName", SqlDbType.NVarChar);
                    if (username != null)
                    {
                        parameter.Value = username;
                    }

                    parameter = parameters.Add("InactiveSinceDate", SqlDbType.DateTime);
                    if (inactiveSinceDate != PersonalizationAdministration.DefaultInactiveSinceDate)
                    {
                        parameter.Value = inactiveSinceDate.ToUniversalTime();
                    }

                    command.ExecuteNonQuery();
                    parameter = command.Parameters[0];
                    if (parameter != null && parameter.Value != null && parameter.Value is Int32)
                    {
                        count = (Int32)parameter.Value;
                    }
                }
                finally {
                    if (connectionHolder != null)
                    {
                        connectionHolder.Close();
                        connectionHolder = null;
                    }
                }
            }
            catch {
                throw;
            }

            return(count);
        }
Exemple #6
0
        //////////////////////////////////////////////////////////////////////
        //////////////////////////////////////////////////////////////////////
        //////////////////////////////////////////////////////////////////////
        public override string[] FindUsersInRole(string roleName, string usernameToMatch)
        {
            SecUtility.CheckParameter(ref roleName, true, true, true, 256, "roleName");
            SecUtility.CheckParameter(ref usernameToMatch, true, true, false, 256, "usernameToMatch");

            try {
                SqlConnectionHolder holder = null;

                try {
                    holder = SqlConnectionHelper.GetConnection(_sqlConnectionString, true);
                    CheckSchemaVersion(holder.Connection);

                    SqlCommand       cmd    = new SqlCommand("dbo.aspnet_UsersInRoles_FindUsersInRole", holder.Connection);
                    SqlDataReader    reader = null;
                    SqlParameter     p      = new SqlParameter("@ReturnValue", SqlDbType.Int);
                    StringCollection sc     = new StringCollection();

                    cmd.CommandType    = CommandType.StoredProcedure;
                    cmd.CommandTimeout = CommandTimeout;

                    p.Direction = ParameterDirection.ReturnValue;
                    cmd.Parameters.Add(p);
                    cmd.Parameters.Add(CreateInputParam("@ApplicationName", SqlDbType.NVarChar, ApplicationName));
                    cmd.Parameters.Add(CreateInputParam("@RoleName", SqlDbType.NVarChar, roleName));
                    cmd.Parameters.Add(CreateInputParam("@UserNameToMatch", SqlDbType.NVarChar, usernameToMatch));
                    try {
                        reader = cmd.ExecuteReader(CommandBehavior.SequentialAccess);
                        while (reader.Read())
                        {
                            sc.Add(reader.GetString(0));
                        }
                    }
                    catch
                    {
                        throw;
                    }
                    finally
                    {
                        if (reader != null)
                        {
                            reader.Close();
                        }
                    }
                    if (sc.Count < 1)
                    {
                        switch (GetReturnValue(cmd))
                        {
                        case 0:
                            return(new string[0]);

                        case 1:
                            throw new ProviderException(SR.GetString(SR.Provider_role_not_found, roleName));

                        default:
                            throw new ProviderException(SR.GetString(SR.Provider_unknown_failure));
                        }
                    }
                    String[] strReturn = new String[sc.Count];
                    sc.CopyTo(strReturn, 0);
                    return(strReturn);
                }
                finally
                {
                    if (holder != null)
                    {
                        holder.Close();
                        holder = null;
                    }
                }
            }
            catch
            {
                throw;
            }
        }
Exemple #7
0
        //////////////////////////////////////////////////////////////////////
        //////////////////////////////////////////////////////////////////////
        //////////////////////////////////////////////////////////////////////

        public override void RemoveUsersFromRoles(string[] usernames, string[] roleNames)
        {
            SecUtility.CheckArrayParameter(ref roleNames, true, true, true, 256, "roleNames");
            SecUtility.CheckArrayParameter(ref usernames, true, true, true, 256, "usernames");

            bool beginTranCalled = false;

            try {
                SqlConnectionHolder holder = null;
                try
                {
                    holder = SqlConnectionHelper.GetConnection(_sqlConnectionString, true);
                    CheckSchemaVersion(holder.Connection);
                    int numUsersRemaing = usernames.Length;
                    while (numUsersRemaing > 0)
                    {
                        int    iter;
                        string allUsers = usernames[usernames.Length - numUsersRemaing];
                        numUsersRemaing--;
                        for (iter = usernames.Length - numUsersRemaing; iter < usernames.Length; iter++)
                        {
                            if (allUsers.Length + usernames[iter].Length + 1 >= 4000)
                            {
                                break;
                            }
                            allUsers += "," + usernames[iter];
                            numUsersRemaing--;
                        }

                        int numRolesRemaining = roleNames.Length;
                        while (numRolesRemaining > 0)
                        {
                            string allRoles = roleNames[roleNames.Length - numRolesRemaining];
                            numRolesRemaining--;
                            for (iter = roleNames.Length - numRolesRemaining; iter < roleNames.Length; iter++)
                            {
                                if (allRoles.Length + roleNames[iter].Length + 1 >= 4000)
                                {
                                    break;
                                }
                                allRoles += "," + roleNames[iter];
                                numRolesRemaining--;
                            }

                            if (!beginTranCalled && (numUsersRemaing > 0 || numRolesRemaining > 0))
                            {
                                (new SqlCommand("BEGIN TRANSACTION", holder.Connection)).ExecuteNonQuery();
                                beginTranCalled = true;
                            }
                            RemoveUsersFromRolesCore(holder.Connection, allUsers, allRoles);
                        }
                    }
                    if (beginTranCalled)
                    {
                        (new SqlCommand("COMMIT TRANSACTION", holder.Connection)).ExecuteNonQuery();
                        beginTranCalled = false;
                    }
                } catch  {
                    if (beginTranCalled)
                    {
                        (new SqlCommand("ROLLBACK TRANSACTION", holder.Connection)).ExecuteNonQuery();
                        beginTranCalled = false;
                    }
                    throw;
                } finally {
                    if (holder != null)
                    {
                        holder.Close();
                        holder = null;
                    }
                }
            } catch {
                throw;
            }
        }
Exemple #8
0
        public override void RemoveUsersFromRoles(string[] usernames, string[] roleNames)
        {
            SecUtility.CheckArrayParameter(ref roleNames, true, true, true, 0x100, "roleNames");
            SecUtility.CheckArrayParameter(ref usernames, true, true, true, 0x100, "usernames");
            bool flag = false;

            try
            {
                SqlConnectionHolder connection = null;
                try
                {
                    connection = SqlConnectionHelper.GetConnection(this._sqlConnectionString, true);
                    this.CheckSchemaVersion(connection.Connection);
                    int length = usernames.Length;
                    while (length > 0)
                    {
                        string str = usernames[usernames.Length - length];
                        length--;
                        int index = usernames.Length - length;
                        while (index < usernames.Length)
                        {
                            if (((str.Length + usernames[index].Length) + 1) >= 0xfa0)
                            {
                                break;
                            }
                            str = str + "," + usernames[index];
                            length--;
                            index++;
                        }
                        int num3 = roleNames.Length;
                        while (num3 > 0)
                        {
                            string str2 = roleNames[roleNames.Length - num3];
                            num3--;
                            for (index = roleNames.Length - num3; index < roleNames.Length; index++)
                            {
                                if (((str2.Length + roleNames[index].Length) + 1) >= 0xfa0)
                                {
                                    break;
                                }
                                str2 = str2 + "," + roleNames[index];
                                num3--;
                            }
                            if (!flag && ((length > 0) || (num3 > 0)))
                            {
                                new SqlCommand("BEGIN TRANSACTION", connection.Connection).ExecuteNonQuery();
                                flag = true;
                            }
                            this.RemoveUsersFromRolesCore(connection.Connection, str, str2);
                        }
                    }
                    if (flag)
                    {
                        new SqlCommand("COMMIT TRANSACTION", connection.Connection).ExecuteNonQuery();
                        flag = false;
                    }
                }
                catch
                {
                    if (flag)
                    {
                        new SqlCommand("ROLLBACK TRANSACTION", connection.Connection).ExecuteNonQuery();
                        flag = false;
                    }
                    throw;
                }
                finally
                {
                    if (connection != null)
                    {
                        connection.Close();
                        connection = null;
                    }
                }
            }
            catch
            {
                throw;
            }
        }
Exemple #9
0
        private ProfileInfoCollection GetProfilesForQuery(SqlParameter[] args, ProfileAuthenticationOption authenticationOption, int pageIndex, int pageSize, out int totalRecords)
        {
            ProfileInfoCollection infos2;

            if (pageIndex < 0)
            {
                throw new ArgumentException(System.Web.SR.GetString("PageIndex_bad"), "pageIndex");
            }
            if (pageSize < 1)
            {
                throw new ArgumentException(System.Web.SR.GetString("PageSize_bad"), "pageSize");
            }
            long num = ((pageIndex * pageSize) + pageSize) - 1L;

            if (num > 0x7fffffffL)
            {
                throw new ArgumentException(System.Web.SR.GetString("PageIndex_PageSize_bad"), "pageIndex and pageSize");
            }
            try
            {
                SqlConnectionHolder connection = null;
                SqlDataReader       reader     = null;
                try
                {
                    connection = SqlConnectionHelper.GetConnection(this._sqlConnectionString, true);
                    this.CheckSchemaVersion(connection.Connection);
                    SqlCommand command = new SqlCommand("dbo.aspnet_Profile_GetProfiles", connection.Connection)
                    {
                        CommandTimeout = this.CommandTimeout,
                        CommandType    = CommandType.StoredProcedure
                    };
                    command.Parameters.Add(this.CreateInputParam("@ApplicationName", SqlDbType.NVarChar, this.ApplicationName));
                    command.Parameters.Add(this.CreateInputParam("@ProfileAuthOptions", SqlDbType.Int, (int)authenticationOption));
                    command.Parameters.Add(this.CreateInputParam("@PageIndex", SqlDbType.Int, pageIndex));
                    command.Parameters.Add(this.CreateInputParam("@PageSize", SqlDbType.Int, pageSize));
                    foreach (SqlParameter parameter in args)
                    {
                        command.Parameters.Add(parameter);
                    }
                    reader = command.ExecuteReader(CommandBehavior.SequentialAccess);
                    ProfileInfoCollection infos = new ProfileInfoCollection();
                    while (reader.Read())
                    {
                        string   username         = reader.GetString(0);
                        bool     boolean          = reader.GetBoolean(1);
                        DateTime lastActivityDate = DateTime.SpecifyKind(reader.GetDateTime(2), DateTimeKind.Utc);
                        DateTime lastUpdatedDate  = DateTime.SpecifyKind(reader.GetDateTime(3), DateTimeKind.Utc);
                        int      size             = reader.GetInt32(4);
                        infos.Add(new ProfileInfo(username, boolean, lastActivityDate, lastUpdatedDate, size));
                    }
                    totalRecords = infos.Count;
                    if (reader.NextResult() && reader.Read())
                    {
                        totalRecords = reader.GetInt32(0);
                    }
                    infos2 = infos;
                }
                finally
                {
                    if (reader != null)
                    {
                        reader.Close();
                    }
                    if (connection != null)
                    {
                        connection.Close();
                        connection = null;
                    }
                }
            }
            catch
            {
                throw;
            }
            return(infos2);
        }
Exemple #10
0
        private int ResetSharedState(string[] paths)
        {
            int resultCount = 0;

            if (paths == null)
            {
                resultCount = ResetAllState(PersonalizationScope.Shared);
            }
            else
            {
                SqlConnectionHolder connectionHolder = null;
                SqlConnection       connection       = null;

                // Extra try-catch block to prevent elevation of privilege attack via exception filter
                try {
                    bool beginTranCalled = false;
                    try {
                        connectionHolder = GetConnectionHolder();
                        connection       = connectionHolder.Connection;
                        Debug.Assert(connection != null);

                        CheckSchemaVersion(connection);

                        SqlCommand command = new SqlCommand("dbo.aspnet_PersonalizationAdministration_ResetSharedState", connection);
                        SetCommandTypeAndTimeout(command);
                        SqlParameterCollection parameters = command.Parameters;

                        SqlParameter parameter = parameters.Add(new SqlParameter("Count", SqlDbType.Int));
                        parameter.Direction = ParameterDirection.Output;

                        parameters.AddWithValue("ApplicationName", ApplicationName);

                        parameter = parameters.Add("Path", SqlDbType.NVarChar);
                        foreach (string path in paths)
                        {
                            if (!beginTranCalled && paths.Length > 1)
                            {
                                (new SqlCommand("BEGIN TRANSACTION", connection)).ExecuteNonQuery();
                                beginTranCalled = true;
                            }

                            parameter.Value = path;
                            command.ExecuteNonQuery();
                            SqlParameter countParam = command.Parameters[0];
                            if (countParam != null && countParam.Value != null && countParam.Value is Int32)
                            {
                                resultCount += (Int32)countParam.Value;
                            }
                        }

                        if (beginTranCalled)
                        {
                            (new SqlCommand("COMMIT TRANSACTION", connection)).ExecuteNonQuery();
                            beginTranCalled = false;
                        }
                    }
                    catch {
                        if (beginTranCalled)
                        {
                            (new SqlCommand("ROLLBACK TRANSACTION", connection)).ExecuteNonQuery();
                            beginTranCalled = false;
                        }
                        throw;
                    }
                    finally {
                        if (connectionHolder != null)
                        {
                            connectionHolder.Close();
                            connectionHolder = null;
                        }
                    }
                }
                catch {
                    throw;
                }
            }

            return(resultCount);
        }
Exemple #11
0
        public override string[] GetUsersInRole(string roleName)
        {
            string[] strArray2;
            SecUtility.CheckParameter(ref roleName, true, true, true, 0x100, "roleName");
            try
            {
                SqlConnectionHolder connection = null;
                try
                {
                    connection = SqlConnectionHelper.GetConnection(this._sqlConnectionString, true);
                    this.CheckSchemaVersion(connection.Connection);
                    SqlCommand       cmd       = new SqlCommand("dbo.aspnet_UsersInRoles_GetUsersInRoles", connection.Connection);
                    SqlDataReader    reader    = null;
                    SqlParameter     parameter = new SqlParameter("@ReturnValue", SqlDbType.Int);
                    StringCollection strings   = new StringCollection();
                    cmd.CommandType     = CommandType.StoredProcedure;
                    cmd.CommandTimeout  = this.CommandTimeout;
                    parameter.Direction = ParameterDirection.ReturnValue;
                    cmd.Parameters.Add(parameter);
                    cmd.Parameters.Add(this.CreateInputParam("@ApplicationName", SqlDbType.NVarChar, this.ApplicationName));
                    cmd.Parameters.Add(this.CreateInputParam("@RoleName", SqlDbType.NVarChar, roleName));
                    try
                    {
                        reader = cmd.ExecuteReader(CommandBehavior.SequentialAccess);
                        while (reader.Read())
                        {
                            strings.Add(reader.GetString(0));
                        }
                    }
                    catch
                    {
                        throw;
                    }
                    finally
                    {
                        if (reader != null)
                        {
                            reader.Close();
                        }
                    }
                    if (strings.Count < 1)
                    {
                        switch (this.GetReturnValue(cmd))
                        {
                        case 0:
                            return(new string[0]);

                        case 1:
                            throw new ProviderException(System.Web.SR.GetString("Provider_role_not_found", new object[] { roleName }));
                        }
                        throw new ProviderException(System.Web.SR.GetString("Provider_unknown_failure"));
                    }
                    string[] array = new string[strings.Count];
                    strings.CopyTo(array, 0);
                    strArray2 = array;
                }
                finally
                {
                    if (connection != null)
                    {
                        connection.Close();
                        connection = null;
                    }
                }
            }
            catch
            {
                throw;
            }
            return(strArray2);
        }
        /// <devdoc>
        /// </devdoc>
        private byte[] LoadPersonalizationBlob(SqlConnectionHolder connectionHolder, string path, string userName)
        {
            MySqlCommand command = new MySqlCommand();

            int status;

            if (userName != null) {
                status = MySqlStoredProcedures.aspnet_PersonalizationPerUser_GetPageSettings(ApplicationName,
                        userName, path, DateTime.UtcNow, connectionHolder, ref command);

                //command = new MySqlCommand("dbo.aspnet_PersonalizationPerUser_GetPageSettings", connection);
            }
            else {
                status = MySqlStoredProcedures.aspnet_PersonalizationAllUsers_GetPageSettings(ApplicationName,
                        path, connectionHolder, ref command);

                //command = new MySqlCommand("dbo.aspnet_PersonalizationAllUsers_GetPageSettings", connection);
            }

            //SetCommandTypeAndTimeout(command);
            //command.Parameters.Add(CreateParameter("@ApplicationName", MySqlDbType.VarChar, this.ApplicationName));
            //command.Parameters.Add(CreateParameter("@Path", MySqlDbType.VarChar, path));
            //if (userName != null) {
            //    command.Parameters.Add(CreateParameter("@UserName", MySqlDbType.VarChar, userName));
            //    command.Parameters.Add(CreateParameter("@CurrentTimeUtc", MySqlDbType.DateTime, DateTime.UtcNow));
            //}

            MySqlDataReader reader = null;
            try {
                reader = command.ExecuteReader(CommandBehavior.SingleRow);
                if (reader.Read()) {
                    int length = (int)reader.GetBytes(0, 0, null, 0, 0);
                    byte[] state = new byte[length];

                    reader.GetBytes(0, 0, state, 0, length);
                    return state;
                }
            }
            finally {
                if (reader != null) {
                    reader.Close();
                }
            }

            return null;
        }
        /// <devdoc>
        /// </devdoc>
        private void ResetPersonalizationState(SqlConnectionHolder connectionHolder, string path, string userName)
        {
            //MySqlCommand command;
            int status;

            if (userName != null) {
                status = MySqlStoredProcedures.aspnet_PersonalizationPerUser_ResetPageSettings(ApplicationName,
                        userName, path, DateTime.UtcNow, connectionHolder);

                //command = new MySqlCommand("dbo.aspnet_PersonalizationPerUser_ResetPageSettings", connection);
            }
            else {
                status = MySqlStoredProcedures.aspnet_PersonalizationAllUsers_ResetPageSettings(ApplicationName,
                        path, connectionHolder);

                //command = new MySqlCommand("dbo.aspnet_PersonalizationAllUsers_ResetPageSettings", connection);
            }

            //SetCommandTypeAndTimeout(command);
            //command.Parameters.Add(CreateParameter("@ApplicationName", MySqlDbType.VarChar, ApplicationName));
            //command.Parameters.Add(CreateParameter("@Path", MySqlDbType.VarChar, path));
            //if (userName != null) {
            //    command.Parameters.Add(CreateParameter("@UserName", MySqlDbType.VarChar, userName));
            //    command.Parameters.Add(CreateParameter("@CurrentTimeUtc", MySqlDbType.DateTime, DateTime.UtcNow));
            //}

            //command.ExecuteNonQuery();
        }
Exemple #14
0
        void WriteToSQL(WebBaseEventCollection events, int eventsDiscardedByBuffer, DateTime lastNotificationUtc)
        {
            // We don't want to send any more events until we've waited until the _retryDate (which defaults to minValue)
            if (_retryDate > DateTime.UtcNow)
            {
                return;
            }

            try {
                SqlConnectionHolder sqlConnHolder = SqlConnectionHelper.GetConnection(_sqlConnectionString, true);

                SqlCommand sqlCommand = new SqlCommand(SP_LOG_EVENT);

                CheckSchemaVersion(sqlConnHolder.Connection);

                sqlCommand.CommandType = CommandType.StoredProcedure;
                sqlCommand.Connection  = sqlConnHolder.Connection;

                if (_commandTimeout > -1)
                {
                    sqlCommand.CommandTimeout = _commandTimeout;
                }

                PrepareParams(sqlCommand);

                try {
                    sqlConnHolder.Open(null, true);
                    Interlocked.Increment(ref _connectionCount);

                    if (eventsDiscardedByBuffer != 0)
                    {
                        WebBaseEvent infoEvent = new WebBaseEvent(
                            SR.GetString(SR.Sql_webevent_provider_events_dropped,
                                         eventsDiscardedByBuffer.ToString(CultureInfo.InstalledUICulture),
                                         lastNotificationUtc.ToString("r", CultureInfo.InstalledUICulture)),
                            null,
                            WebEventCodes.WebEventProviderInformation,
                            WebEventCodes.SqlProviderEventsDropped);

                        FillParams(sqlCommand, infoEvent);
                        sqlCommand.ExecuteNonQuery();
                    }

                    foreach (WebBaseEvent eventRaised in events)
                    {
                        FillParams(sqlCommand, eventRaised);
                        sqlCommand.ExecuteNonQuery();
                    }
                }
#if DBG
                catch (Exception e) {
                    Debug.Trace("SqlWebEventProvider", "ExecuteNonQuery failed: " + e);
                    throw;
                }
#endif
                finally {
                    sqlConnHolder.Close();
                    Interlocked.Decrement(ref _connectionCount);
                }

#if (!DBG)
                try {
#endif
                EventProcessingComplete(events);
#if (!DBG)
            }
            catch {
                // Ignore all errors.
            }
#endif
            }
            catch {
                // For any failure, we will wait at least 30 seconds or _commandTimeout before trying again
                double timeout = 30;
                if (_commandTimeout > -1)
                {
                    timeout = (double)_commandTimeout;
                }
                _retryDate = DateTime.UtcNow.AddSeconds(timeout);
                throw;
            }
        }
        /////////////////////////////////////////////////////////////////////////////
        /////////////////////////////////////////////////////////////////////////////
        // Private methods

        /////////////////////////////////////////////////////////////////////////////
        /////////////////////////////////////////////////////////////////////////////
        private ProfileInfoCollection GetProfilesForQuery(SqlParameter [] args, ProfileAuthenticationOption authenticationOption, int pageIndex, int pageSize, out int totalRecords)
        {
            if (pageIndex < 0)
            {
                throw new ArgumentException(SR.GetString(SR.PageIndex_bad), "pageIndex");
            }
            if (pageSize < 1)
            {
                throw new ArgumentException(SR.GetString(SR.PageSize_bad), "pageSize");
            }

            long upperBound = (long)pageIndex * pageSize + pageSize - 1;

            if (upperBound > Int32.MaxValue)
            {
                throw new ArgumentException(SR.GetString(SR.PageIndex_PageSize_bad), "pageIndex and pageSize");
            }

            try {
                SqlConnectionHolder holder = null;
                SqlDataReader       reader = null;
                try {
                    holder = SqlConnectionHelper.GetConnection(_sqlConnectionString, true);
                    CheckSchemaVersion(holder.Connection);

                    SqlCommand cmd = new SqlCommand("dbo.aspnet_Profile_GetProfiles", holder.Connection);

                    cmd.CommandTimeout = CommandTimeout;
                    cmd.CommandType    = CommandType.StoredProcedure;
                    cmd.Parameters.Add(CreateInputParam("@ApplicationName", SqlDbType.NVarChar, ApplicationName));
                    cmd.Parameters.Add(CreateInputParam("@ProfileAuthOptions", SqlDbType.Int, (int)authenticationOption));
                    cmd.Parameters.Add(CreateInputParam("@PageIndex", SqlDbType.Int, pageIndex));
                    cmd.Parameters.Add(CreateInputParam("@PageSize", SqlDbType.Int, pageSize));
                    foreach (SqlParameter arg in args)
                    {
                        cmd.Parameters.Add(arg);
                    }
                    reader = cmd.ExecuteReader(CommandBehavior.SequentialAccess);
                    ProfileInfoCollection profiles = new ProfileInfoCollection();
                    while (reader.Read())
                    {
                        string   username;
                        DateTime dtLastActivity, dtLastUpdated;
                        bool     isAnon;

                        username       = reader.GetString(0);
                        isAnon         = reader.GetBoolean(1);
                        dtLastActivity = DateTime.SpecifyKind(reader.GetDateTime(2), DateTimeKind.Utc);
                        dtLastUpdated  = DateTime.SpecifyKind(reader.GetDateTime(3), DateTimeKind.Utc);
                        int size = reader.GetInt32(4);
                        profiles.Add(new ProfileInfo(username, isAnon, dtLastActivity, dtLastUpdated, size));
                    }
                    totalRecords = profiles.Count;
                    if (reader.NextResult())
                    {
                        if (reader.Read())
                        {
                            totalRecords = reader.GetInt32(0);
                        }
                    }
                    return(profiles);
                } finally {
                    if (reader != null)
                    {
                        reader.Close();
                    }

                    if (holder != null)
                    {
                        holder.Close();
                        holder = null;
                    }
                }
            }
            catch {
                throw;
            }
        }
        /////////////////////////////////////////////////////////////////////////////
        /////////////////////////////////////////////////////////////////////////////
        public override int DeleteProfiles(string[] usernames)
        {
            SecUtility.CheckArrayParameter(ref usernames,
                                           true,
                                           true,
                                           true,
                                           256,
                                           "usernames");

            int  numProfilesDeleted = 0;
            bool beginTranCalled    = false;

            try {
                SqlConnectionHolder holder = null;
                try
                {
                    holder = SqlConnectionHelper.GetConnection(_sqlConnectionString, true);
                    CheckSchemaVersion(holder.Connection);

                    SqlCommand cmd;

                    int numUsersRemaing = usernames.Length;
                    while (numUsersRemaing > 0)
                    {
                        string allUsers = usernames[usernames.Length - numUsersRemaing];
                        numUsersRemaing--;
                        for (int iter = usernames.Length - numUsersRemaing; iter < usernames.Length; iter++)
                        {
                            if (allUsers.Length + usernames[iter].Length + 1 >= 4000)
                            {
                                break;
                            }
                            allUsers += "," + usernames[iter];
                            numUsersRemaing--;
                        }

                        // We don't need to start a transaction if we can finish this in one sql command
                        if (!beginTranCalled && numUsersRemaing > 0)
                        {
                            cmd = new SqlCommand("BEGIN TRANSACTION", holder.Connection);
                            cmd.ExecuteNonQuery();
                            beginTranCalled = true;
                        }

                        cmd = new SqlCommand("dbo.aspnet_Profile_DeleteProfiles", holder.Connection);

                        cmd.CommandTimeout = CommandTimeout;
                        cmd.CommandType    = CommandType.StoredProcedure;
                        cmd.Parameters.Add(CreateInputParam("@ApplicationName", SqlDbType.NVarChar, ApplicationName));
                        cmd.Parameters.Add(CreateInputParam("@UserNames", SqlDbType.NVarChar, allUsers));
                        object o = cmd.ExecuteScalar();
                        if (o != null && o is int)
                        {
                            numProfilesDeleted += (int)o;
                        }
                    }

                    if (beginTranCalled)
                    {
                        cmd = new SqlCommand("COMMIT TRANSACTION", holder.Connection);
                        cmd.ExecuteNonQuery();
                        beginTranCalled = false;
                    }
                } catch  {
                    if (beginTranCalled)
                    {
                        SqlCommand cmd = new SqlCommand("ROLLBACK TRANSACTION", holder.Connection);
                        cmd.ExecuteNonQuery();
                        beginTranCalled = false;
                    }
                    throw;
                } finally {
                    if (holder != null)
                    {
                        holder.Close();
                        holder = null;
                    }
                }
            } catch {
                throw;
            }
            return(numProfilesDeleted);
        }
        ////////////////////////////////////////////////////////////
        ////////////////////////////////////////////////////////////
        private void GetPropertyValuesFromDatabase(string userName, SettingsPropertyValueCollection svc)
        {
            HttpContext context = HttpContext.Current;

            if (context != null && HostingEnvironment.IsHosted && EtwTrace.IsTraceEnabled(EtwTraceLevel.Information, EtwTraceFlags.AppSvc))
            {
                EtwTrace.Trace(EtwTraceType.ETW_TYPE_PROFILE_BEGIN, HttpContext.Current.WorkerRequest);
            }

            string[] names  = null;
            string   values = null;

            byte[] buf   = null;
            string sName = null;

            if (context != null)
            {
                sName = (context.Request.IsAuthenticated ? context.User.Identity.Name : context.Request.AnonymousID);
            }

            try {
                SqlConnectionHolder holder = null;
                SqlDataReader       reader = null;
                try
                {
                    holder = SqlConnectionHelper.GetConnection(_sqlConnectionString, true);
                    CheckSchemaVersion(holder.Connection);
                    SqlCommand cmd = new SqlCommand("dbo.aspnet_Profile_GetProperties", holder.Connection);

                    cmd.CommandTimeout = CommandTimeout;
                    cmd.CommandType    = CommandType.StoredProcedure;
                    cmd.Parameters.Add(CreateInputParam("@ApplicationName", SqlDbType.NVarChar, ApplicationName));
                    cmd.Parameters.Add(CreateInputParam("@UserName", SqlDbType.NVarChar, userName));
                    cmd.Parameters.Add(CreateInputParam("@CurrentTimeUtc", SqlDbType.DateTime, DateTime.UtcNow));
                    reader = cmd.ExecuteReader(CommandBehavior.SingleRow);
                    if (reader.Read())
                    {
                        names  = reader.GetString(0).Split(':');
                        values = reader.GetString(1);

                        int size = (int)reader.GetBytes(2, 0, null, 0, 0);

                        buf = new byte[size];
                        reader.GetBytes(2, 0, buf, 0, size);
                    }
                } finally {
                    if (holder != null)
                    {
                        holder.Close();
                        holder = null;
                    }

                    if (reader != null)
                    {
                        reader.Close();
                    }
                }

                ProfileModule.ParseDataFromDB(names, values, buf, svc);

                if (context != null && HostingEnvironment.IsHosted && EtwTrace.IsTraceEnabled(EtwTraceLevel.Information, EtwTraceFlags.AppSvc))
                {
                    EtwTrace.Trace(EtwTraceType.ETW_TYPE_PROFILE_END, HttpContext.Current.WorkerRequest, userName);
                }
            } catch {
                throw;
            }
        }
Exemple #18
0
        private void GetPropertyValuesFromDatabase(string userName, SettingsPropertyValueCollection svc)
        {
            if (HostingEnvironment.IsHosted && EtwTrace.IsTraceEnabled(4, 8))
            {
                EtwTrace.Trace(EtwTraceType.ETW_TYPE_PROFILE_BEGIN, HttpContext.Current.WorkerRequest);
            }
            HttpContext current = HttpContext.Current;

            string[] names  = null;
            string   values = null;

            byte[] buffer = null;
            if (current != null)
            {
                if (!current.Request.IsAuthenticated)
                {
                    string anonymousID = current.Request.AnonymousID;
                }
                else
                {
                    string name = current.User.Identity.Name;
                }
            }
            try
            {
                SqlConnectionHolder connection = null;
                SqlDataReader       reader     = null;
                try
                {
                    connection = SqlConnectionHelper.GetConnection(this._sqlConnectionString, true);
                    this.CheckSchemaVersion(connection.Connection);
                    SqlCommand command = new SqlCommand("dbo.aspnet_Profile_GetProperties", connection.Connection)
                    {
                        CommandTimeout = this.CommandTimeout,
                        CommandType    = CommandType.StoredProcedure
                    };
                    command.Parameters.Add(this.CreateInputParam("@ApplicationName", SqlDbType.NVarChar, this.ApplicationName));
                    command.Parameters.Add(this.CreateInputParam("@UserName", SqlDbType.NVarChar, userName));
                    command.Parameters.Add(this.CreateInputParam("@CurrentTimeUtc", SqlDbType.DateTime, DateTime.UtcNow));
                    reader = command.ExecuteReader(CommandBehavior.SingleRow);
                    if (reader.Read())
                    {
                        names  = reader.GetString(0).Split(new char[] { ':' });
                        values = reader.GetString(1);
                        int length = (int)reader.GetBytes(2, 0L, null, 0, 0);
                        buffer = new byte[length];
                        reader.GetBytes(2, 0L, buffer, 0, length);
                    }
                }
                finally
                {
                    if (connection != null)
                    {
                        connection.Close();
                        connection = null;
                    }
                    if (reader != null)
                    {
                        reader.Close();
                    }
                }
                ProfileModule.ParseDataFromDB(names, values, buffer, svc);
                if (HostingEnvironment.IsHosted && EtwTrace.IsTraceEnabled(4, 8))
                {
                    EtwTrace.Trace(EtwTraceType.ETW_TYPE_PROFILE_END, HttpContext.Current.WorkerRequest, userName);
                }
            }
            catch
            {
                throw;
            }
        }
Exemple #19
0
        private int ResetUserState(ResetUserStateMode mode,
                                   DateTime userInactiveSinceDate,
                                   string[] paths,
                                   string[] usernames)
        {
            SqlConnectionHolder connectionHolder = null;
            SqlConnection       connection       = null;
            int count = 0;

            // Extra try-catch block to prevent elevation of privilege attack via exception filter
            try {
                bool beginTranCalled = false;
                try {
                    connectionHolder = GetConnectionHolder();
                    connection       = connectionHolder.Connection;
                    Debug.Assert(connection != null);

                    CheckSchemaVersion(connection);

                    SqlCommand command = new SqlCommand("dbo.aspnet_PersonalizationAdministration_ResetUserState", connection);
                    SetCommandTypeAndTimeout(command);
                    SqlParameterCollection parameters = command.Parameters;

                    SqlParameter parameter = parameters.Add(new SqlParameter("Count", SqlDbType.Int));
                    parameter.Direction = ParameterDirection.Output;

                    parameters.AddWithValue("ApplicationName", ApplicationName);

                    string firstPath = (paths != null && paths.Length > 0) ? paths[0] : null;

                    if (mode == ResetUserStateMode.PerInactiveDate)
                    {
                        if (userInactiveSinceDate != PersonalizationAdministration.DefaultInactiveSinceDate)
                        {
                            // Special note: DateTime object cannot be added to collection
                            // via AddWithValue for some reason.
                            parameter       = parameters.Add("InactiveSinceDate", SqlDbType.DateTime);
                            parameter.Value = userInactiveSinceDate.ToUniversalTime();
                        }

                        if (firstPath != null)
                        {
                            parameters.AddWithValue("Path", firstPath);
                        }

                        command.ExecuteNonQuery();
                        SqlParameter countParam = command.Parameters[0];
                        if (countParam != null && countParam.Value != null && countParam.Value is Int32)
                        {
                            count = (Int32)countParam.Value;
                        }
                    }
                    else if (mode == ResetUserStateMode.PerPaths)
                    {
                        Debug.Assert(paths != null);
                        parameter = parameters.Add("Path", SqlDbType.NVarChar);
                        foreach (string path in paths)
                        {
                            if (!beginTranCalled && paths.Length > 1)
                            {
                                (new SqlCommand("BEGIN TRANSACTION", connection)).ExecuteNonQuery();
                                beginTranCalled = true;
                            }

                            parameter.Value = path;
                            command.ExecuteNonQuery();
                            SqlParameter countParam = command.Parameters[0];
                            if (countParam != null && countParam.Value != null && countParam.Value is Int32)
                            {
                                count += (Int32)countParam.Value;
                            }
                        }
                    }
                    else
                    {
                        Debug.Assert(mode == ResetUserStateMode.PerUsers);
                        if (firstPath != null)
                        {
                            parameters.AddWithValue("Path", firstPath);
                        }

                        parameter = parameters.Add("UserName", SqlDbType.NVarChar);
                        foreach (string user in usernames)
                        {
                            if (!beginTranCalled && usernames.Length > 1)
                            {
                                (new SqlCommand("BEGIN TRANSACTION", connection)).ExecuteNonQuery();
                                beginTranCalled = true;
                            }

                            parameter.Value = user;
                            command.ExecuteNonQuery();
                            SqlParameter countParam = command.Parameters[0];
                            if (countParam != null && countParam.Value != null && countParam.Value is Int32)
                            {
                                count += (Int32)countParam.Value;
                            }
                        }
                    }

                    if (beginTranCalled)
                    {
                        (new SqlCommand("COMMIT TRANSACTION", connection)).ExecuteNonQuery();
                        beginTranCalled = false;
                    }
                }
                catch {
                    if (beginTranCalled)
                    {
                        (new SqlCommand("ROLLBACK TRANSACTION", connection)).ExecuteNonQuery();
                        beginTranCalled = false;
                    }
                    throw;
                }
                finally {
                    if (connectionHolder != null)
                    {
                        connectionHolder.Close();
                        connectionHolder = null;
                    }
                }
            }
            catch {
                throw;
            }

            return(count);
        }
Exemple #20
0
        private PersonalizationStateInfoCollection FindSharedState(string path, int pageIndex, int pageSize, out int totalRecords)
        {
            SqlConnectionHolder connectionHolder = null;
            SqlConnection       connection       = null;
            SqlDataReader       reader           = null;
            PersonalizationStateInfoCollection infos2;

            totalRecords = 0;
            try
            {
                try
                {
                    connectionHolder = this.GetConnectionHolder();
                    connection       = connectionHolder.Connection;
                    this.CheckSchemaVersion(connection);
                    SqlCommand command = new SqlCommand("dbo.aspnet_PersonalizationAdministration_FindState", connection);
                    this.SetCommandTypeAndTimeout(command);
                    SqlParameterCollection parameters = command.Parameters;
                    parameters.Add(new SqlParameter("AllUsersScope", SqlDbType.Bit)).Value = true;
                    parameters.AddWithValue("ApplicationName", this.ApplicationName);
                    parameters.AddWithValue("PageIndex", pageIndex);
                    parameters.AddWithValue("PageSize", pageSize);
                    SqlParameter parameter2 = new SqlParameter("@ReturnValue", SqlDbType.Int)
                    {
                        Direction = ParameterDirection.ReturnValue
                    };
                    parameters.Add(parameter2);
                    SqlParameter parameter = parameters.Add("Path", SqlDbType.NVarChar);
                    if (path != null)
                    {
                        parameter.Value = path;
                    }
                    parameter = parameters.Add("UserName", SqlDbType.NVarChar);
                    parameter = parameters.Add("InactiveSinceDate", SqlDbType.DateTime);
                    reader    = command.ExecuteReader(CommandBehavior.SequentialAccess);
                    PersonalizationStateInfoCollection infos = new PersonalizationStateInfoCollection();
                    if (reader != null)
                    {
                        if (reader.HasRows)
                        {
                            while (reader.Read())
                            {
                                string   str                     = reader.GetString(0);
                                DateTime lastUpdatedDate         = reader.IsDBNull(1) ? DateTime.MinValue : DateTime.SpecifyKind(reader.GetDateTime(1), DateTimeKind.Utc);
                                int      size                    = reader.IsDBNull(2) ? 0 : reader.GetInt32(2);
                                int      sizeOfPersonalizations  = reader.IsDBNull(3) ? 0 : reader.GetInt32(3);
                                int      countOfPersonalizations = reader.IsDBNull(4) ? 0 : reader.GetInt32(4);
                                infos.Add(new SharedPersonalizationStateInfo(str, lastUpdatedDate, size, sizeOfPersonalizations, countOfPersonalizations));
                            }
                        }
                        reader.Close();
                        reader = null;
                    }
                    if ((parameter2.Value != null) && (parameter2.Value is int))
                    {
                        totalRecords = (int)parameter2.Value;
                    }
                    infos2 = infos;
                }
                finally
                {
                    if (reader != null)
                    {
                        reader.Close();
                    }
                    if (connectionHolder != null)
                    {
                        connectionHolder.Close();
                        connectionHolder = null;
                    }
                }
            }
            catch
            {
                throw;
            }
            return(infos2);
        }
Exemple #21
0
        public override bool IsUserInRole(string username, string roleName)
        {
            bool flag;

            SecUtility.CheckParameter(ref roleName, true, true, true, 0x100, "roleName");
            SecUtility.CheckParameter(ref username, true, false, true, 0x100, "username");
            if (username.Length < 1)
            {
                return(false);
            }
            try
            {
                SqlConnectionHolder connection = null;
                try
                {
                    connection = SqlConnectionHelper.GetConnection(this._sqlConnectionString, true);
                    this.CheckSchemaVersion(connection.Connection);
                    SqlCommand cmd = new SqlCommand("dbo.aspnet_UsersInRoles_IsUserInRole", connection.Connection)
                    {
                        CommandType    = CommandType.StoredProcedure,
                        CommandTimeout = this.CommandTimeout
                    };
                    SqlParameter parameter = new SqlParameter("@ReturnValue", SqlDbType.Int)
                    {
                        Direction = ParameterDirection.ReturnValue
                    };
                    cmd.Parameters.Add(parameter);
                    cmd.Parameters.Add(this.CreateInputParam("@ApplicationName", SqlDbType.NVarChar, this.ApplicationName));
                    cmd.Parameters.Add(this.CreateInputParam("@UserName", SqlDbType.NVarChar, username));
                    cmd.Parameters.Add(this.CreateInputParam("@RoleName", SqlDbType.NVarChar, roleName));
                    cmd.ExecuteNonQuery();
                    switch (this.GetReturnValue(cmd))
                    {
                    case 0:
                        return(false);

                    case 1:
                        return(true);

                    case 2:
                        return(false);

                    case 3:
                        return(false);
                    }
                    throw new ProviderException(System.Web.SR.GetString("Provider_unknown_failure"));
                }
                finally
                {
                    if (connection != null)
                    {
                        connection.Close();
                        connection = null;
                    }
                }
            }
            catch
            {
                throw;
            }
            return(flag);
        }
Exemple #22
0
        private int ResetSharedState(string[] paths)
        {
            int num = 0;

            if (paths == null)
            {
                return(this.ResetAllState(PersonalizationScope.Shared));
            }
            SqlConnectionHolder connectionHolder = null;
            SqlConnection       connection       = null;

            try
            {
                bool flag = false;
                try
                {
                    try
                    {
                        connectionHolder = this.GetConnectionHolder();
                        connection       = connectionHolder.Connection;
                        this.CheckSchemaVersion(connection);
                        SqlCommand command = new SqlCommand("dbo.aspnet_PersonalizationAdministration_ResetSharedState", connection);
                        this.SetCommandTypeAndTimeout(command);
                        SqlParameterCollection parameters = command.Parameters;
                        parameters.Add(new SqlParameter("Count", SqlDbType.Int)).Direction = ParameterDirection.Output;
                        parameters.AddWithValue("ApplicationName", this.ApplicationName);
                        SqlParameter parameter = parameters.Add("Path", SqlDbType.NVarChar);
                        foreach (string str in paths)
                        {
                            if (!flag && (paths.Length > 1))
                            {
                                new SqlCommand("BEGIN TRANSACTION", connection).ExecuteNonQuery();
                                flag = true;
                            }
                            parameter.Value = str;
                            command.ExecuteNonQuery();
                            SqlParameter parameter2 = command.Parameters[0];
                            if (((parameter2 != null) && (parameter2.Value != null)) && (parameter2.Value is int))
                            {
                                num += (int)parameter2.Value;
                            }
                        }
                        if (flag)
                        {
                            new SqlCommand("COMMIT TRANSACTION", connection).ExecuteNonQuery();
                            flag = false;
                        }
                    }
                    catch
                    {
                        if (flag)
                        {
                            new SqlCommand("ROLLBACK TRANSACTION", connection).ExecuteNonQuery();
                            flag = false;
                        }
                        throw;
                    }
                    return(num);
                }
                finally
                {
                    if (connectionHolder != null)
                    {
                        connectionHolder.Close();
                        connectionHolder = null;
                    }
                }
            }
            catch
            {
                throw;
            }
            return(num);
        }
Exemple #23
0
        private int ResetUserState(ResetUserStateMode mode, DateTime userInactiveSinceDate, string[] paths, string[] usernames)
        {
            SqlConnectionHolder connectionHolder = null;
            SqlConnection       connection       = null;
            int num = 0;

            try
            {
                bool flag = false;
                try
                {
                    try
                    {
                        connectionHolder = this.GetConnectionHolder();
                        connection       = connectionHolder.Connection;
                        this.CheckSchemaVersion(connection);
                        SqlCommand command = new SqlCommand("dbo.aspnet_PersonalizationAdministration_ResetUserState", connection);
                        this.SetCommandTypeAndTimeout(command);
                        SqlParameterCollection parameters = command.Parameters;
                        parameters.Add(new SqlParameter("Count", SqlDbType.Int)).Direction = ParameterDirection.Output;
                        parameters.AddWithValue("ApplicationName", this.ApplicationName);
                        string str = ((paths != null) && (paths.Length > 0)) ? paths[0] : null;
                        if (mode == ResetUserStateMode.PerInactiveDate)
                        {
                            if (userInactiveSinceDate != PersonalizationAdministration.DefaultInactiveSinceDate)
                            {
                                parameters.Add("InactiveSinceDate", SqlDbType.DateTime).Value = userInactiveSinceDate.ToUniversalTime();
                            }
                            if (str != null)
                            {
                                parameters.AddWithValue("Path", str);
                            }
                            command.ExecuteNonQuery();
                            SqlParameter parameter2 = command.Parameters[0];
                            if (((parameter2 != null) && (parameter2.Value != null)) && (parameter2.Value is int))
                            {
                                num = (int)parameter2.Value;
                            }
                        }
                        else
                        {
                            SqlParameter parameter;
                            if (mode == ResetUserStateMode.PerPaths)
                            {
                                parameter = parameters.Add("Path", SqlDbType.NVarChar);
                                foreach (string str2 in paths)
                                {
                                    if (!flag && (paths.Length > 1))
                                    {
                                        new SqlCommand("BEGIN TRANSACTION", connection).ExecuteNonQuery();
                                        flag = true;
                                    }
                                    parameter.Value = str2;
                                    command.ExecuteNonQuery();
                                    SqlParameter parameter3 = command.Parameters[0];
                                    if (((parameter3 != null) && (parameter3.Value != null)) && (parameter3.Value is int))
                                    {
                                        num += (int)parameter3.Value;
                                    }
                                }
                            }
                            else
                            {
                                if (str != null)
                                {
                                    parameters.AddWithValue("Path", str);
                                }
                                parameter = parameters.Add("UserName", SqlDbType.NVarChar);
                                foreach (string str3 in usernames)
                                {
                                    if (!flag && (usernames.Length > 1))
                                    {
                                        new SqlCommand("BEGIN TRANSACTION", connection).ExecuteNonQuery();
                                        flag = true;
                                    }
                                    parameter.Value = str3;
                                    command.ExecuteNonQuery();
                                    SqlParameter parameter4 = command.Parameters[0];
                                    if (((parameter4 != null) && (parameter4.Value != null)) && (parameter4.Value is int))
                                    {
                                        num += (int)parameter4.Value;
                                    }
                                }
                            }
                        }
                        if (flag)
                        {
                            new SqlCommand("COMMIT TRANSACTION", connection).ExecuteNonQuery();
                            flag = false;
                        }
                    }
                    catch
                    {
                        if (flag)
                        {
                            new SqlCommand("ROLLBACK TRANSACTION", connection).ExecuteNonQuery();
                            flag = false;
                        }
                        throw;
                    }
                    return(num);
                }
                finally
                {
                    if (connectionHolder != null)
                    {
                        connectionHolder.Close();
                        connectionHolder = null;
                    }
                }
            }
            catch
            {
                throw;
            }
            return(num);
        }
Exemple #24
0
        public override int DeleteProfiles(string[] usernames)
        {
            SecUtility.CheckArrayParameter(ref usernames, true, true, true, 0x100, "usernames");
            int  num  = 0;
            bool flag = false;

            try
            {
                SqlConnectionHolder connection = null;
                try
                {
                    try
                    {
                        connection = SqlConnectionHelper.GetConnection(this._sqlConnectionString, true);
                        this.CheckSchemaVersion(connection.Connection);
                        int length = usernames.Length;
                        while (length > 0)
                        {
                            SqlCommand command;
                            string     objValue = usernames[usernames.Length - length];
                            length--;
                            for (int i = usernames.Length - length; i < usernames.Length; i++)
                            {
                                if (((objValue.Length + usernames[i].Length) + 1) >= 0xfa0)
                                {
                                    break;
                                }
                                objValue = objValue + "," + usernames[i];
                                length--;
                            }
                            if (!flag && (length > 0))
                            {
                                command = new SqlCommand("BEGIN TRANSACTION", connection.Connection);
                                command.ExecuteNonQuery();
                                flag = true;
                            }
                            command = new SqlCommand("dbo.aspnet_Profile_DeleteProfiles", connection.Connection)
                            {
                                CommandTimeout = this.CommandTimeout,
                                CommandType    = CommandType.StoredProcedure
                            };
                            command.Parameters.Add(this.CreateInputParam("@ApplicationName", SqlDbType.NVarChar, this.ApplicationName));
                            command.Parameters.Add(this.CreateInputParam("@UserNames", SqlDbType.NVarChar, objValue));
                            object obj2 = command.ExecuteScalar();
                            if ((obj2 != null) && (obj2 is int))
                            {
                                num += (int)obj2;
                            }
                        }
                        if (flag)
                        {
                            new SqlCommand("COMMIT TRANSACTION", connection.Connection).ExecuteNonQuery();
                            flag = false;
                        }
                    }
                    catch
                    {
                        if (flag)
                        {
                            new SqlCommand("ROLLBACK TRANSACTION", connection.Connection).ExecuteNonQuery();
                            flag = false;
                        }
                        throw;
                    }
                    return(num);
                }
                finally
                {
                    if (connection != null)
                    {
                        connection.Close();
                        connection = null;
                    }
                }
            }
            catch
            {
                throw;
            }
            return(num);
        }